FreeBSD IPSec stack contains backdoors?

Kevin Wilcox kevin.wilcox at gmail.com
Fri Dec 17 16:54:36 UTC 2010


On 17 December 2010 10:36, Mike L <jackoroses at gmail.com> wrote:

> Reads like an unacceptable response to an issue that seems quite critical.

Here, let me re-iterate for those that may not have a copy of what
you're saying is unacceptable in front of them:

o we're aware there's talk about some projects possibly having been
compromised a decade ago

o we have ports of those projects in our project

o the code that ends up in FreeBSD from those other projects rarely
resembles the original project's code

o in the porting process, bugs may unintentionally be introduced or removed

o bugs present in the upstream project may not be found in FreeBSD's version

o people are welcome and encouraged to look at the FreeBSD code,
provide fixes and/or decide for themselves if they want to use it

What more do you want them to say? How is this is not a perfectly
reasonable response?

Cutting security-officer@ out because I'm pretty sure Colin reads this list.

kmw


More information about the freebsd-questions mailing list